felix at tribut.de
Mon Jan 19 13:21:18 CET 2015
Am 19.01.2015 12:49, schrieb Wolfgang Breyha:
> Postfix doesn't honor 3.1.3 of the latest DANE-SMTP draft then?
It appears not to.
> "...SMTP client treatment of TLSA RRs with certificate usages
> or PKIX-EE(1) is undefined. SMTP clients should generally treat
> TLSA records as unusable."
Note that it says client treatment is undefined. It also says "should",
However, I don't think the connection should fail one way or the other
(the certificate appears to be signed by a proper CA even). See
More information about the dane-users